
NextEra

Identity Management Consultant

This job is no longer accepting applications

  • Posted a month ago

Job Description

Dear All,

NextEra is looking for an experienced Identity & Access Management (IAM) Lead/Architect with deep expertise in Oracle Cloud Infrastructure (OCI) to design, implement, and govern cloud identity solutions. The ideal candidate will be responsible for OCI IAM strategy, Zero Trust access, privileged access controls, federation/SSO, RBAC/ABAC, IAM automation, and compliance across enterprise cloud workloads.

Key Responsibilities

OCI IAM Architecture & Governance

  • Own and drive the OCI IAM architecture, including tenancy design, compartments, groups, dynamic groups, policies, tag-based governance, and guardrails.
  • Define and implement least privilege access models using OCI policies and strong governance mechanisms.
  • Establish IAM standards, reusable patterns, and design blueprints for OCI cloud adoption.

Identity Lifecycle & Access Controls

  • Implement Joiner-Mover-Leaver (JML) lifecycle processes integrating enterprise directories (e.g., AD/Azure AD/LDAP) with OCI.
  • Design Role-Based Access Control (RBAC) and, where needed, Attribute-Based Access Control (ABAC) models.
  • Enforce MFA, conditional access patterns, secure session policies, and modern authentication approaches.

Federation, SSO & Directory Integration

  • Enable SSO and federation using SAML 2.0 / OAuth2 / OIDC, integrating with enterprise IdPs (e.g., Azure AD, Okta, Ping).
  • Configure and support identity provider integrations for OCI Console, APIs, and enterprise applications.

Privileged Access Management (PAM) & Secrets

  • Design and enforce privileged access controls; integrate with PAM tools (e.g., CyberArk, BeyondTrust, Delinea) where applicable.
  • Implement secure secrets and credential handling (OCI Vault / HSM where applicable), rotation strategies, and auditability.

Automation & Infrastructure as Code (IaC)

  • Automate provisioning and policy deployments using Terraform, CI/CD pipelines, and scripting (Python/PowerShell/Bash).
  • Build IAM automation for access requests, approvals, recertifications, and reporting.

Monitoring, Audit, and Compliance

  • Enable logging/monitoring for identity activities, including audit events and access analytics; integrate with SIEM tools (e.g., Splunk, Sentinel, QRadar).
  • Support security/compliance frameworks such as ISO 27001, SOC2, PCI-DSS, SOX, HIPAA (as relevant).
  • Conduct periodic access reviews, entitlement recertifications, and control validations.

Stakeholder & Delivery Leadership

  • Act as a trusted IAM advisor to platform teams, application owners, compliance, and security leadership.
  • Lead technical reviews, mentor team members, and drive incident response for identity-related security events.
  • Produce high-quality documentation: HLD/LLD, SOPs, runbooks, and operational playbooks.

Required Skills & Qualifications

  • 10+ years of overall experience in IAM / Security Engineering / Identity Architecture.
  • Strong hands-on experience with OCI IAM, including:
      • Tenancy & compartment strategy
      • Groups/dynamic groups
      • Policies & least privilege modeling
      • Federation/SSO setup and troubleshooting
  • Solid understanding of authentication/authorization protocols: SAML 2.0, OAuth2, OIDC, LDAP, Kerberos.
  • Experience designing RBAC/ABAC models and implementing governance at enterprise scale.
  • Experience with Terraform and automation (CI/CD) for IAM controls.
  • Working knowledge of Cloud Security concepts: Zero Trust, segmentation, audit logging, encryption, key management, secure access patterns.
  • Strong troubleshooting skills across identity flows (tokens, assertions, certificates, federation metadata, clock skew, etc.).

Good-to-Have (Preferred)

  • Experience with OCI Vault, KMS/HSM concepts, and secrets rotation.
  • Experience integrating OCI with Azure AD/Okta/Ping and IAM governance tools (e.g., SailPoint, Saviynt).
  • Experience with PAM tooling and privileged workflows.
  • Exposure to multi-cloud IAM patterns (AWS/Azure/GCP).
  • Knowledge of DevSecOps and security controls in CI/CD pipelines.

Certifications (Preferred)

  • Oracle Cloud Infrastructure (OCI) Security certification(s) (preferred)
  • CISSP / CISM / CCSP (good to have)
  • Terraform Associate (good to have)


Job ID: 141915533